Access your Pro+ Content below.

At Your Service: Veracode's SaaS-based application analysis

SecurityReview Veracode www.veracode.com Price: Minimum cost of engagement is at $40K Application development has historically given short shrift to security, and we pay the price for it every day as attackers exploit vulnerable Web apps to control corporate systems and steal sensitive data. Companies are finally building security into the software development lifecycle, but vetting software for security is difficult, time-consuming and error-prone. Organizations often turn to pen testers and/or a variety of commercial products. Symantec spinoff Veracode weighs in with an on-demand software-as-a-service (SaaS) that performs binary analysis of any application. Customers upload apps to Vera-code, which reports possible flaws and recommends remediation. Binary analysis offers particular advantages. Companies are often twitchy about sharing source code, and binary analysis may well find flaws that source code, Web crawling and manual analysis miss. Moreover, applications are typically not monolithic, single-source programs but are ...